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DETAILED ACTION 

The Request for Continued Examination has been accepted and entered. 

Response to Arguments 

Applicant's arguments filed 1 1/19/08 have been fully considered but they are not 
persuasive. 

Applicant argues that Bass teaches that login information must be provided in two 
separate instances. The examiner asserts that this portion of Bass is not relied upon, and the 
actual authentication relied upon is found in Blakely. However, even if this was relied upon, the 
applicant has not claimed such a limitation. 

Additionally Bass is no longer relied upon. Blakely encompasses all of the limitations 
taught by Bass. 

Applicant submits that Cox fails to teach an an interface component configured to 
compare an identifier associated with the authentication component with an expected identifier. 
The applicant asserts that Cox does not meet the limitations as claimed. The examiner asserts 
that the IP address of the Authentication component (Intermediate Server of "Blakeley") is an 
identifier of the Authentication component. The communications from the Authentication 
component (Intermediate Server) use the IP protocol, and thus have an IP address associated 
with the component. Cox teaches matching expected IP address with a stored IP address and if 



Application/Control Number: 1 0/72 1 ,063 Page 3 

Art Unit: 2434 

they match, allowing the communication. If the IP addresses do not match, the communication 
is cancelled. Thus the claim limitation is met. 

Applicant argues that Cox does not compare an expected identifier associated with the 
authentication component. Applicant states that in Cox packets are filtered according to rules 
associated with a user. The Examiner argues that Cox is not relied on for the "Authentication 
component" and merely to match an identifier with an expected identifier and if the identifiers 
match, the data is allowed to pass. This system meets the current claim limitations. A Resource 
or "Request processor" may filter packets by IP address according to rules associate with the 
Resource, where the Resource expects that the IP address be a specific address. In combination 
with Blakely, this address is the IP address of the "Intermediate Server" or Authentication 
component. 

Applicant argues that Cox teaches away from the combination because the security of 
packet filtering would be unnecessary. To teach away, Cox must state explicitly that it cannot be 
used, when authentication is used. Additionally, because a user is authenticated does not prevent 
further communications security breaches. Since the communication takes place over a network, 
it may be intercepted at any point. IP packet filtering assures the resource that the packets are 
not from an undesirable source. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-5, 8-12, and 15, are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Blakeley III US 7,039,714 in view of Cox US 2004/0039940. 

As per claim 1, 8, and 15, Blakely III teaches a single sign-on authentication system, 
comprising: an authentication component that determines whether a user is authenticated, 
(primary logon) (Col 5 lines 25-35). Blakely III teaches if it is determined that the user is 
authenticated, the authentication component (Intermediate Server) generates a connection 
request (request a first resource) (Col 5 lines 11-18). 

Blakely III does not teach an interface component that compares a received identifier 
with an expected identifier. 

Cox teaches communication including an identifier (IP source address) where the 
interface component compares the received identifier with an expected identifier and if 
they match makes information available to the server (compares the IP source against 
expected source address and drops or passes the packets according to a defined set of 
rules) [0034], [0035], [0039], [0041]. 

It would have been obvious to one of ordinary skill in the art to use the packet filtering of 
Cox with Blakeley III in order to prevent malicious packets from entering the system. 
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As per claims 2, and 9 Blakeley teaches the entitlement information is different from the 
information used to authenticate the user (primary logon, intermediate logon) (Col 5 lines 
25-35). 

As per claims 3, and 10 Cox teaches that the identifier an IP address is used as an 
identifier [0007]. 

As per claims 4 and 1 1 Blakely teaches teaches using a user id and or password to 
determine entitlement information (primary user id determines secondary used id) (Col 5 
lines 25-35). 

As per claims 5, and 12 Blakeley teaches the information used to authenticate the user 
includes one or more of a user identifier and a password (primary username/password) 
(Col 4 lines 10-15) (Col 5 lines 25-30). 
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Claims 6, 7, 13 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Blakeley III US 7,039,714 in view of Cox US 2004/0039940 in view of Anion US 
2004/0111463 

As per claims 6 and 13, Amon teaches the entitlement information is contained in a 
header portion of a data packet (URL in the HTTP header) Claim 1 1 . 

It would have been obvious to on of ordinary skill in the art to use the URL in the http 
header in the combination because it is a well known and widely used internet protocol. 

As per claims 7 and 14, Amon teaches the connection request is sent as an HTTP request 
(HTTP Post request) Claim 1 1 . 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHRISTOPHER J. BROWN whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571)272-381 1 . The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Christopher J Brown/ 12/14/08 
Primary Examiner, Art Unit 2434 



